package main

import (
	"crypto/tls"
	"fmt"
)

var GREASE_values = []string{
	"0x0A0A",
	"0x0A0A",
	"0x1A1A",
	"0x2A2A",
	"0x3A3A",
	"0x4A4A",
	"0x5A5A",
	"0x6A6A",
	"0x7A7A",
	"0x8A8A",
	"0x9A9A",
	"0xAAAA",
	"0xBABA",
	"0xCACA",
	"0xDADA",
	"0xEAEA",
	"0xFAFA",
	"0xA0A",
}

func isGrease(cipher string) bool {
	for _, g := range GREASE_values {
		if g == cipher {
			return true
		}
	}
	return false
}

// https://testssl.sh/openssl-iana.mapping.html

// for i in c.split("\n"):
//
//	print(i.split("\t")[0][1:-1] + ': "' + i.split("\t")[-1] + '",')
var ciphers = map[uint16]string{
	0x00: "TLS_NULL_WITH_NULL_NULL",
	0x01: "TLS_RSA_WITH_NULL_MD5",
	0x02: "TLS_RSA_WITH_NULL_SHA",
	0x03: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
	0x04: "TLS_RSA_WITH_RC4_128_MD5",
	0x05: "TLS_RSA_WITH_RC4_128_SHA",
	0x06: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
	0x07: "TLS_RSA_WITH_IDEA_CBC_SHA",
	0x08: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
	0x09: "TLS_RSA_WITH_DES_CBC_SHA",
	0x0a: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
	0x0b: "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
	0x0c: "TLS_DH_DSS_WITH_DES_CBC_SHA",
	0x0d: "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA",
	0x0e: "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
	0x0f: "TLS_DH_RSA_WITH_DES_CBC_SHA",
	0x10: "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA",
	0x11: "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
	0x12: "TLS_DHE_DSS_WITH_DES_CBC_SHA",
	0x13: "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
	0x14: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
	0x15: "TLS_DHE_RSA_WITH_DES_CBC_SHA",
	0x16: "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
	0x17: "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5",
	0x18: "TLS_DH_anon_WITH_RC4_128_MD5",
	0x19: "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
	0x1a: "TLS_DH_anon_WITH_DES_CBC_SHA",
	0x1b: "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
	0x1c: "SSL_FORTEZZA_KEA_WITH_NULL_SHA",
	0x1d: "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA",
	// https://github.com/openssl/openssl/issues/6710
	// 0x1e:     "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA",
	0x1e:   "TLS_KRB5_WITH_DES_CBC_SHA",
	0x1f:   "TLS_KRB5_WITH_3DES_EDE_CBC_SHA",
	0x20:   "TLS_KRB5_WITH_RC4_128_SHA",
	0x21:   "TLS_KRB5_WITH_IDEA_CBC_SHA",
	0x22:   "TLS_KRB5_WITH_DES_CBC_MD5",
	0x23:   "TLS_KRB5_WITH_3DES_EDE_CBC_MD5",
	0x24:   "TLS_KRB5_WITH_RC4_128_MD5",
	0x25:   "TLS_KRB5_WITH_IDEA_CBC_MD5",
	0x26:   "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA",
	0x27:   "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA",
	0x28:   "TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
	0x29:   "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5",
	0x2a:   "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5",
	0x2b:   "TLS_KRB5_EXPORT_WITH_RC4_40_MD5",
	0x2c:   "TLS_PSK_WITH_NULL_SHA",
	0x2d:   "TLS_DHE_PSK_WITH_NULL_SHA",
	0x2e:   "TLS_RSA_PSK_WITH_NULL_SHA",
	0x2f:   "TLS_RSA_WITH_AES_128_CBC_SHA",
	0x30:   "TLS_DH_DSS_WITH_AES_128_CBC_SHA",
	0x31:   "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
	0x32:   "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
	0x33:   "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
	0x34:   "TLS_DH_anon_WITH_AES_128_CBC_SHA",
	0x35:   "TLS_RSA_WITH_AES_256_CBC_SHA",
	0x36:   "TLS_DH_DSS_WITH_AES_256_CBC_SHA",
	0x37:   "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
	0x38:   "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
	0x39:   "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
	0x3a:   "TLS_DH_anon_WITH_AES_256_CBC_SHA",
	0x3b:   "TLS_RSA_WITH_NULL_SHA256",
	0x3c:   "TLS_RSA_WITH_AES_128_CBC_SHA256",
	0x3d:   "TLS_RSA_WITH_AES_256_CBC_SHA256",
	0x3e:   "TLS_DH_DSS_WITH_AES_128_CBC_SHA256",
	0x3f:   "TLS_DH_RSA_WITH_AES_128_CBC_SHA256",
	0x40:   "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
	0x41:   "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA",
	0x42:   "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA",
	0x43:   "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA",
	0x44:   "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA",
	0x45:   "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA",
	0x46:   "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA",
	0x60:   "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5",
	0x61:   "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5",
	0x62:   "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA",
	0x63:   "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA",
	0x64:   "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",
	0x65:   "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA",
	0x66:   "TLS_DHE_DSS_WITH_RC4_128_SHA",
	0x67:   "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
	0x68:   "TLS_DH_DSS_WITH_AES_256_CBC_SHA256",
	0x69:   "TLS_DH_RSA_WITH_AES_256_CBC_SHA256",
	0x6a:   "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
	0x6b:   "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
	0x6c:   "TLS_DH_anon_WITH_AES_128_CBC_SHA256",
	0x6d:   "TLS_DH_anon_WITH_AES_256_CBC_SHA256",
	0x80:   "TLS_GOSTR341094_WITH_28147_CNT_IMIT",
	0x81:   "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
	0x82:   "TLS_GOSTR341001_WITH_NULL_GOSTR3411",
	0x83:   "TLS_GOSTR341094_WITH_NULL_GOSTR3411",
	0x84:   "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA",
	0x85:   "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA",
	0x86:   "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA",
	0x87:   "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA",
	0x88:   "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA",
	0x89:   "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA",
	0x8a:   "TLS_PSK_WITH_RC4_128_SHA",
	0x8b:   "TLS_PSK_WITH_3DES_EDE_CBC_SHA",
	0x8c:   "TLS_PSK_WITH_AES_128_CBC_SHA",
	0x8d:   "TLS_PSK_WITH_AES_256_CBC_SHA",
	0x8e:   "TLS_DHE_PSK_WITH_RC4_128_SHA",
	0x8f:   "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA",
	0x90:   "TLS_DHE_PSK_WITH_AES_128_CBC_SHA",
	0x91:   "TLS_DHE_PSK_WITH_AES_256_CBC_SHA",
	0x92:   "TLS_RSA_PSK_WITH_RC4_128_SHA",
	0x93:   "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA",
	0x94:   "TLS_RSA_PSK_WITH_AES_128_CBC_SHA",
	0x95:   "TLS_RSA_PSK_WITH_AES_256_CBC_SHA",
	0x96:   "TLS_RSA_WITH_SEED_CBC_SHA",
	0x97:   "TLS_DH_DSS_WITH_SEED_CBC_SHA",
	0x98:   "TLS_DH_RSA_WITH_SEED_CBC_SHA",
	0x99:   "TLS_DHE_DSS_WITH_SEED_CBC_SHA",
	0x9a:   "TLS_DHE_RSA_WITH_SEED_CBC_SHA",
	0x9b:   "TLS_DH_anon_WITH_SEED_CBC_SHA",
	0x9c:   "TLS_RSA_WITH_AES_128_GCM_SHA256",
	0x9d:   "TLS_RSA_WITH_AES_256_GCM_SHA384",
	0x9e:   "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
	0x9f:   "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
	0xa0:   "TLS_DH_RSA_WITH_AES_128_GCM_SHA256",
	0xa1:   "TLS_DH_RSA_WITH_AES_256_GCM_SHA384",
	0xa2:   "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
	0xa3:   "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
	0xa4:   "TLS_DH_DSS_WITH_AES_128_GCM_SHA256",
	0xa5:   "TLS_DH_DSS_WITH_AES_256_GCM_SHA384",
	0xa6:   "TLS_DH_anon_WITH_AES_128_GCM_SHA256",
	0xa7:   "TLS_DH_anon_WITH_AES_256_GCM_SHA384",
	0xba:   "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256",
	0xbb:   "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256",
	0xbc:   "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256",
	0xbd:   "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256",
	0xbe:   "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
	0xbf:   "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256",
	0x00FF: "TLS_EMPTY_RENEGOTIATION_INFO",
	0x5600: "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
	0x1301: "TLS_AES_128_GCM_SHA256",
	0x1302: "TLS_AES_256_GCM_SHA384",
	0x1303: "TLS_CHACHA20_POLY1305_SHA256",
	0x1304: "TLS_AES_128_CCM_SHA256",
	0x1305: "TLS_AES_128_CCM_8_SHA256",
	0xc001: "TLS_ECDH_ECDSA_WITH_NULL_SHA",
	0xc002: "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
	0xc003: "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
	0xc004: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
	0xc005: "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
	0xc006: "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
	0xc007: "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
	0xc008: "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
	0xc009: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
	0xc00a: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
	0xc00b: "TLS_ECDH_RSA_WITH_NULL_SHA",
	0xc00c: "TLS_ECDH_RSA_WITH_RC4_128_SHA",
	0xc00d: "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
	0xc00e: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
	0xc00f: "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
	0xc010: "TLS_ECDHE_RSA_WITH_NULL_SHA",
	0xc011: "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
	0xc012: "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
	0xc013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
	0xc014: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
	0xc015: "TLS_ECDH_anon_WITH_NULL_SHA",
	0xc016: "TLS_ECDH_anon_WITH_RC4_128_SHA",
	0xc017: "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
	0xc018: "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
	0xc019: "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
	0xc01a: "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA",
	0xc01b: "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA",
	0xc01c: "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA",
	0xc01d: "TLS_SRP_SHA_WITH_AES_128_CBC_SHA",
	0xc01e: "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA",
	0xc01f: "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA",
	0xc020: "TLS_SRP_SHA_WITH_AES_256_CBC_SHA",
	0xc021: "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA",
	0xc022: "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA",
	0xc023: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
	0xc024: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
	0xc025: "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
	0xc026: "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
	0xc027: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
	0xc028: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
	0xc029: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
	0xc02a: "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
	0xc02b: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
	0xc02c: "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
	0xc02d: "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
	0xc02e: "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
	0xc02f: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
	0xc030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
	0xc031: "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
	0xc032: "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
	0xc033: "TLS_ECDHE_PSK_WITH_RC4_128_SHA",
	0xc034: "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA",
	0xc035: "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA",
	0xc036: "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA",
	0xc037: "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256",
	0xc038: "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384",
	0xc039: "TLS_ECDHE_PSK_WITH_NULL_SHA",
	0xc03A: "TLS_ECDHE_PSK_WITH_NULL_SHA256",
	0xc03B: "TLS_ECDHE_PSK_WITH_NULL_SHA384",
	0xc03C: "TLS_RSA_WITH_ARIA_128_CBC_SHA256",
	0xc03D: "TLS_RSA_WITH_ARIA_256_CBC_SHA384",
	0xc03E: "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256",
	0xc03F: "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384",
	0xc040: "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256",
	0xc041: "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384",
	0xc042: "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256",
	0xc043: "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384",
	0xc044: "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256",
	0xc045: "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384",
	0xc046: "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256",
	0xc047: "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384",
	0xc048: "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256",
	0xc049: "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384",
	0xc04A: "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256",
	0xc04B: "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384",
	0xc04C: "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256",
	0xc04D: "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384",
	0xc04E: "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256",
	0xc04F: "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384",
	0xc050: "TLS_RSA_WITH_ARIA_128_GCM_SHA256",
	0xc051: "TLS_RSA_WITH_ARIA_256_GCM_SHA384",
	0xc052: "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256",
	0xc053: "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384",
	0xc054: "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256",
	0xc055: "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384",
	0xc056: "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256",
	0xc057: "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384",
	0xc058: "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256",
	0xc059: "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384",
	0xc05A: "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256",
	0xc05B: "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384",
	0xc05C: "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256",
	0xc05D: "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384",
	0xc05E: "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256",
	0xc05F: "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384",
	0xc060: "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256",
	0xc061: "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384",
	0xc062: "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256",
	0xc063: "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384",
	0xc064: "TLS_PSK_WITH_ARIA_128_CBC_SHA256",
	0xc065: "TLS_PSK_WITH_ARIA_256_CBC_SHA384",
	0xc066: "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256",
	0xc067: "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384",
	0xc068: "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256",
	0xc069: "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384",
	0xc06A: "TLS_PSK_WITH_ARIA_128_GCM_SHA256",
	0xc06B: "TLS_PSK_WITH_ARIA_256_GCM_SHA384",
	0xc06C: "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256",
	0xc06D: "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384",
	0xc06E: "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256",
	0xc06F: "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384",
	0xc070: "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256",
	0xc071: "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384",
	0xc072: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
	0xc073: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
	0xc074: "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
	0xc075: "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
	0xc076: "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
	0xc077: "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384",
	0xc078: "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256",
	0xc079: "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384",
	0xc07A: "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256",
	0xc07B: "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384",
	0xc07C: "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
	0xc07D: "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
	0xc07E: "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256",
	0xc07F: "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384",
	0xc080: "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256",
	0xc081: "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384",
	0xc082: "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256",
	0xc083: "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384",
	0xc084: "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256",
	0xc085: "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384",
	0xc086: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
	0xc087: "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
	0xc088: "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
	0xc089: "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
	0xc08A: "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
	0xc08B: "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
	0xc08C: "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256",
	0xc08D: "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384",
	0xc08E: "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256",
	0xc08F: "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384",
	0xc090: "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256",
	0xc091: "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384",
	0xc092: "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256",
	0xc093: "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384",
	0xc094: "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256",
	0xc095: "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384",
	0xc096: "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
	0xc097: "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
	0xc098: "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256",
	0xc099: "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384",
	0xc09A: "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
	0xc09B: "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
	0xc09c: "TLS_RSA_WITH_AES_128_CCM",
	0xc09d: "TLS_RSA_WITH_AES_256_CCM",
	0xc09e: "TLS_DHE_RSA_WITH_AES_128_CCM",
	0xc09f: "TLS_DHE_RSA_WITH_AES_256_CCM",
	0xc0a0: "TLS_RSA_WITH_AES_128_CCM_8",
	0xc0a1: "TLS_RSA_WITH_AES_256_CCM_8",
	0xc0a2: "TLS_DHE_RSA_WITH_AES_128_CCM_8",
	0xc0a3: "TLS_DHE_RSA_WITH_AES_256_CCM_8",
	0xc0a4: "TLS_PSK_WITH_AES_128_CCM",
	0xc0a5: "TLS_PSK_WITH_AES_256_CCM",
	0xc0a6: "TLS_DHE_PSK_WITH_AES_128_CCM",
	0xc0a7: "TLS_DHE_PSK_WITH_AES_256_CCM",
	0xc0a8: "TLS_PSK_WITH_AES_128_CCM_8",
	0xc0a9: "TLS_PSK_WITH_AES_256_CCM_8",
	0xc0aa: "TLS_PSK_DHE_WITH_AES_128_CCM_8",
	0xc0ab: "TLS_PSK_DHE_WITH_AES_256_CCM_8",
	0xc0ac: "TLS_ECDHE_ECDSA_WITH_AES_128_CCM",
	0xc0ad: "TLS_ECDHE_ECDSA_WITH_AES_256_CCM",
	0xc0ae: "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",
	0xc0af: "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8",
	0xcc13: "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD",
	0xcc14: "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD",
	0xcc15: "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD",
	0xcca8: "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
	0xcca9: "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
	0xccaa: "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
	0xccab: "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256",
	0xccac: "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
	0xccad: "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
	0xccae: "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256",
	0xff00: "TLS_GOSTR341094_RSA_WITH_28147_CNT_MD5",
	0xff01: "TLS_RSA_WITH_28147_CNT_GOST94",
	0xff02: "256",
	0xff03: "256",
	0xfefe: "SSL_RSA_FIPS_WITH_DES_CBC_SHA",
	0xfeff: "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA",
	0xfee0: "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA",
	0xfee1: "SSL_RSA_FIPS_WITH_DES_CBC_SHA",
	// 0x010080: "SSL_CK_RC4_128_WITH_MD5",
	// 0x020080: "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
	// 0x030080: "SSL_CK_RC2_128_CBC_WITH_MD5",
	// 0x040080: "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
	// 0x050080: "SSL_CK_IDEA_128_CBC_WITH_MD5",
	// 0x060040: "SSL_CK_DES_64_CBC_WITH_MD5",
	// 0x060140: "SSL_CK_DES_64_CBC_WITH_SHA",
	// 0x0700c0: "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
	// 0x0701c0: "SSL_CK_DES_192_EDE3_CBC_WITH_SHA",
	// 0x080080: "SSL_CK_RC4_64_WITH_MD5",
	// 0xff0800: "SSL_CK_DES_64_CFB64_WITH_MD5_1",
	// 0xff0810: "SSL_CK_NULL",
}

func GetCipherSuiteName(cipher uint16) string {
	if name, ok := ciphers[cipher]; ok {
		return name
	}

	return tls.CipherSuiteName(cipher)

}

// https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
// https://boringssl.googlesource.com/boringssl/+/master/ssl/test/runner/common.go
var extensions = map[uint16]string{
	0:     "server_name",
	1:     "max_fragment_length",
	2:     "client_certificate_url",
	3:     "trusted_ca_keys",
	4:     "truncated_hmac",
	5:     "status_request",
	6:     "user_mapping",
	7:     "client_authz",
	8:     "server_authz",
	9:     "cert_type",
	10:    "supported_groups",
	11:    "ec_point_formats",
	12:    "srp",
	13:    "signature_algorithms",
	14:    "use_srtp",
	15:    "heartbeat",
	16:    "application_layer_protocol_negotiation",
	17:    "status_request_v2",
	18:    "signed_certificate_timestamp",
	19:    "client_certificate_type",
	20:    "server_certificate_type",
	21:    "padding",
	22:    "encrypt_then_mac",
	23:    "extended_master_secret",
	24:    "token_binding",
	25:    "cached_info",
	26:    "tls_lts",
	27:    "compress_certificate",
	28:    "record_size_limit",
	29:    "pwd_protect",
	30:    "pwd_clear",
	31:    "password_salt",
	32:    "ticket_pinning",
	33:    "tls_cert_with_extern_psk",
	34:    "delegated_credentials",
	35:    "session_ticket",
	36:    "TLMSP",
	37:    "TLMSP_proxying",
	38:    "TLMSP_delegate",
	39:    "supported_ekt_ciphers",
	40:    "Reserved",
	41:    "pre_shared_key",
	42:    "early_data",
	43:    "supported_versions",
	44:    "cookie",
	45:    "psk_key_exchange_modes",
	46:    "Reserved",
	47:    "certificate_authorities",
	48:    "oid_filters",
	49:    "post_handshake_auth",
	50:    "signature_algorithms_cert",
	51:    "key_share",
	52:    "transparency_info",
	53:    "connection_id (deprecated)",
	54:    "connection_id",
	55:    "external_id_hash",
	56:    "external_session_id",
	57:    "quic_transport_parameters",
	58:    "ticket_request",
	59:    "dnssec_chain",
	1234:  "extensionCustom (boringssl)",
	13172: "extensionNextProtoNeg (boringssl)",
	17513: "extensionApplicationSettings (boringssl)",
	65281: "extensionRenegotiationInfo (boringssl)",
	65445: "extensionQUICTransportParamsLegacy (boringssl)",
	30032: "extensionChannelID (boringssl)",
	65535: "extensionDuplicate (boringssl)",
	65037: "extensionEncryptedClientHello (boringssl)",
	64768: "extensionECHOuterExtensions (boringssl)",
}

func GetExtensionNameByID(id uint16) string {
	if name, ok := extensions[id]; ok {
		return fmt.Sprintf("%v (%v)", name, id)
	}
	return fmt.Sprintf("Unknown extension %d", id)
}

// Curves
// https://pkg.go.dev/crypto/tls#CurveID
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8
var curves = map[uint16]string{
	1:     "sect163k1 (1)",
	2:     "sect163k1 (2)",
	3:     "sect163r2 (3)",
	4:     "sect193r1 (4)",
	5:     "sect193r2 (5)",
	6:     "sect233k1 (6)",
	7:     "sect233r1 (7)",
	8:     "sect239k1 (8)",
	9:     "sect283k1 (9)",
	10:    "sect283r1 (10)",
	11:    "sect409k1 (11)",
	12:    "sect409r1 (12)",
	13:    "sect571k1 (13)",
	14:    "sect571r1 (14)",
	15:    "secp160k1 (15)",
	16:    "secp160r1 (16)",
	17:    "secp160r2 (17)",
	18:    "secp192k1 (18)",
	19:    "secp192r1 (19)",
	20:    "secp224k1 (20)",
	21:    "P-224 (21)",
	23:    "P-256 (23)",
	24:    "P-384 (24)",
	25:    "P-521 (25)",
	29:    "X25519 (29)",
	30:    "X448 (30)",
	31:    "P256r1tls13 (31)",
	32:    "P384r1tls13 (32)",
	33:    "P521r1tls13 (33)",
	34:    "GC256A (34)",
	35:    "GC256B (35)",
	36:    "GC256C (36)",
	37:    "GC256D (37)",
	38:    "GC512A (38)",
	39:    "GC512B (39)",
	40:    "GC512C (40)",
	41:    "SM2 (41)",
	256:   "ffdhe2048 (256)",
	257:   "ffdhe3072 (257)",
	258:   "ffdhe4096 (258)",
	259:   "ffdhe6144 (259)",
	260:   "ffdhe8192 (260)",
	16696: "CECPQ2 (16696)",

	// https://pq.cloudflareresearch.com/
	0xfe30: "X25519Kyber512 (65072)",
	0xfe31: "X25519Kyber768 (65073)",
	0x6399: "X25519Kyber768 (25497)",
	0x11ec: "X25519MLKEM768 (4588)",
}

func GetCurveNameByID(id uint16) string {
	if name, ok := curves[id]; ok {
		return name
	}
	return fmt.Sprintf("Unknown curve %d", id)
}

var signatures = map[uint16]string{
	513:  "rsa_pkcs1_sha1",
	515:  "ecdsa_sha1",
	1025: "rsa_pkcs1_sha256",
	1027: "ecdsa_secp256r1_sha256",
	1056: "rsa_pkcs1_sha256_legacy",
	1281: "rsa_pkcs1_sha384",
	1283: "ecdsa_secp384r1_sha384",
	1312: "rsa_pkcs1_sha384_legacy",
	1537: "rsa_pkcs1_sha512",
	1539: "ecdsa_secp521r1_sha512",
	1568: "rsa_pkcs1_sha512_legacy",
	1796: "eccsi_sha256",
	1797: "iso_ibs1",
	1798: "iso_ibs2",
	1799: "iso_chinese_ibs",
	1800: "sm2sig_sm3",
	1801: "gostr34102012_256a",
	1802: "gostr34102012_256b",
	1803: "gostr34102012_256c",
	1804: "gostr34102012_256d",
	1805: "gostr34102012_512a",
	1806: "gostr34102012_512b",
	1807: "gostr34102012_512c",
	2052: "rsa_pss_rsae_sha256",
	2053: "rsa_pss_rsae_sha384",
	2054: "rsa_pss_rsae_sha512",
	2055: "ed25519",
	2056: "ed25519",
	2057: "rsa_pss_pss_sha256",
	2058: "rsa_pss_pss_sha384",
	2059: "rsa_pss_pss_sha512",
	2074: "ecdsa_brainpoolP256r1tls13_sha256",
	2075: "ecdsa_brainpoolP384r1tls13_sha384",
	2076: "ecdsa_brainpoolP512r1tls13_sha512",
}

func GetSignatureNameByID(id uint16) string {
	if name, ok := signatures[id]; ok {
		return name
	}
	return fmt.Sprintf("0x%x", id)
}
